A cybersecurity incident under investigation disrupted phone and internet service across municipal buildings in Milford, New Hampshire, closing the water billing office and cutting off the town clerk’s access to state systems.
Milford is a Hillsborough County town in southern New Hampshire with about 16,700 residents. The municipal government provides services including vehicle registrations, vital records, utility billing and public meetings.
Town alert emails reviewed by DysruptionHub show the operational problems began early July 15. At 8:20 a.m., officials said town buildings had no phone service and directed residents to call 911 for emergencies or a listed nonemergency number.
Six minutes later, the town clerk’s office said it could not connect to New Hampshire state systems because it had no internet access.
At 9:52 a.m., Milford said the water utilities billing office was closed and online payments were unavailable because town buildings lacked internet and phone service. The Water Utilities Department repeated the closure and payment disruption in a public notice.

Milford linked the outage to a cybersecurity issue July 16, saying technical problems were affecting certain internal and external systems. The town said third-party forensic specialists were investigating and that officials had not determined the extent of the “unauthorized activity.”
Documents reviewed by DysruptionHub show town officials received a warning nearly two months earlier about an internet-accessible storage system.
In a May 18 email to Town Administrator Lori Radke, copied to all Select Board members, Milford resident and cybersecurity professional Eric “Fisch” Fischer said a file-sharing link provided in response to a right-to-know request appeared to expose a town Synology network-attached storage system directly to the internet.
“This system should not be exposed directly to the internet in any way, especially the application you were using to share this file,” Fischer wrote. “Please advise the IT Director that this system needs to be taken offline ASAP.”
Fischer told DysruptionHub that he raised the issue with town officials at other times, including during Select Board meetings.
“I raised this issue to them and even cited examples of threat actors targeting government entities, with these devices being low-hanging fruit,” he said.
DysruptionHub has not independently determined whether the system Fischer identified is connected to the incident under forensic investigation.
Milford officials did not respond before publication to questions about whether they received Fischer’s warning, what actions they took afterward or whether the system referenced in the email was affected or under forensic review.
Milford has described the event as a cybersecurity incident involving unauthorized activity, but officials have not identified the type of attack. The town has not said whether ransomware, malware, encryption or data theft was involved, and it has not disclosed a ransom demand or threat actor.
Milford said it was restoring systems and had implemented backup procedures to allow employees to continue providing services. Vehicle registrations and requests for vital records remained available but could take longer than usual.
Public meetings were to be recorded for later broadcast, but remote participation through Zoom was unavailable. The town directed residents to continue calling 911 for emergencies but did not specifically say whether dispatch or other public safety technology was affected.
Milford is at least the second New Hampshire municipality this year to report cyber-related operational disruption. Colebrook said in March that a compromised town email account led the state to suspend some system connections, interrupting clerk services, dispatch-related access and DMV transactions while investigators worked the incident.
Hillsborough County, where Milford is located, also investigated a cyber incident in November 2025 after taking county systems offline. Officials said emergency services remained operational.
As of Friday afternoon, Milford had not provided a restoration timeline, identified all affected departments, said which services remained unavailable or disclosed whether personal data was accessed. The town’s July 16 statement remained its latest detailed public update, and officials had not answered questions about the May warning or whether the storage system Fischer identified was connected to the incident.